From ba05d3a8b9e934e01e8b2ddee87269ae0a766427 Mon Sep 17 00:00:00 2001 From: James Robinson Date: Thu, 28 Sep 2023 16:53:34 +0100 Subject: [PATCH] :memo: Improve description of LDAP output --- README.md | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 741f091..2162790 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,42 @@ The name is a slightly tortured acronym for: LD**A**P **pr**oxy for Open**I**D * Start the `Apricot` server on port 8080 by running: ```bash -python run.py --client-id "" --client-secret "" --tenant-id "" --backend MicrosoftEntra --port 8080 +python run.py --client-id "" --client-secret "" --tenant-id "" --backend MicrosoftEntra --port 8080 --domain +``` + +This will create an LDAP tree that looks like this: + +``` +dn: DC= +objectClass: dcObject + +dn: OU=users,DC= +objectClass: organizationalUnit +ou: users + +dn: OU=groups,DC= +objectClass: organizationalUnit +ou: groups +``` + +Each user will have an entry like + +``` +dn: CN=,OU=users,DC= +objectClass: organizationalPerson +objectClass: person +objectClass: top +objectClass: user + +``` + +Each group will have an entry like + +``` +dn: CN=,OU=groups,DC= +objectClass: group +objectClass: top + ``` ## OpenID Connect
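Review bot: The `--domain` argument added to the `python run.py` line appears here without a value, and the new text never says what form the value takes or how it maps onto the `DC=` components of the tree. A reader cannot tell whether a multi-label domain becomes one `DC=` RDN or several, so add a placeholder value and one sentence describing the mapping. The user and group examples list only `objectClass` lines followed by a blank line; state which attributes each entry carries, since anyone writing search filters or bind configuration against this tree needs them. The root entry shows only `objectClass: dcObject`, which is an auxiliary class, so if the server also returns a structural class or the `dc` attribute, show that too. Since this line is being edited anyway, note that passing `--client-secret` as a command-line argument leaves the secret in shell history and process listings; if `run.py` can read it from somewhere else, the README should show that form.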